I believe the last section on security is misleading. My recollection is that WebAssembly specifies a translation from the AST back to text so you can essentially, and explicitly, view the "source" of the module. See:
https://github.com/WebAssembly/design/blob/master/FAQ.md
And the section on "Will WebAssembly support View Source on the Web?".
This, of course, is more about security on the client side rather than security for the code, but given the choice, I'm far more concerned about protecting the user, even if that means my precious SPA code could get cribbed by an unscrupulous developer.
